package com.zhixianggou.caibaobox.user.shiro.filter;

import com.zhixianggou.caibaobox.commons.result.ReturnCodeEnum;
import com.zhixianggou.caibaobox.commons.result.ReturnData;
import com.zhixianggou.caibaobox.commons.utils.WebUtil;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;
import org.apache.shiro.web.util.WebUtils;


import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

public class RoleAuthorizationFilter
		extends AuthorizationFilter
{

	protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue)
			throws Exception {
//		return super.onAccessDenied(request, response, mappedValue);
		HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;

        Subject subject = getSubject(httpRequest, httpResponse);

        Map<String, Object> map = new HashMap<String, Object>();

        if(subject.getPrincipal() == null) {
        	if( WebUtil.isAjax(httpRequest)){
        		map.put("success", false);
        		map.put("message", "您尚未登录或登录时间过长,请重新登录!");
        		map.put("errorCode", 101);
        		WebUtil.sendJson(httpResponse, map);
        	} else {
        		super.saveRequestAndRedirectToLogin(httpRequest, httpResponse);
        	}
        } else {
        	if(WebUtil.isAjax(httpRequest)){
        		map.put("success", false);
        		map.put("message", "您没有足够的权限执行该操作!");
        		map.put("errorCode", 102);
				WebUtil.sendJson(httpResponse, map);
        	} else {
        		String unauthorizedUrl = getUnauthorizedUrl();
                if (StringUtils.hasText(unauthorizedUrl)) {
                    WebUtils.issueRedirect(request, response, unauthorizedUrl);
                } else {
                    WebUtils.toHttp(response).sendError(401);
                }
        	}

        }


		HttpServletResponse httpServletResponse = (HttpServletResponse) response;
		httpServletResponse.setStatus(200);
		httpServletResponse.setContentType("application/json;charset=utf-8");

		PrintWriter out = httpServletResponse.getWriter();
		out.println(ReturnData.fail(ReturnCodeEnum.RC401).toString());
		out.flush();
		out.close();
		return false;
	}

	@Override
	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
			throws Exception {

		Subject subject = getSubject(request, response);
		HttpServletRequest req = (HttpServletRequest) request;
//		String path = req.getServletPath();
		String uri = req.getRequestURI();
        String contextPath = req.getContextPath();

        if (uri.endsWith("/pre")) {// 去掉pre
            uri = uri.substring(0, uri.length() - 4);
        }

        int i = uri.indexOf(contextPath);
        if (i > -1) {
            uri = uri.substring(i + contextPath.length());
        }
        if (uri==null||"".equals(uri)) {
            uri = "/";
        }

        if ("/".equals(uri)) {
        	return true;
        } else {
        	return subject.isPermitted(uri);
        }
	}



}
